Home Publications CV Talks Personal FAQ Bio
Research Overview
My research lies at the intersection of human-computer interaction, privacy and security, and systems, focusing primarily on two questions:
  • How can we use rich sensor data to improve our lives?
  • How can we make privacy and security easier for everyone?

My research group is CHIMPS (Computer Human Interaction: Mobility Privacy Security). We have been generously funded by DARPA, National Science Foundation, IBM, Army Research Office, Microsoft, Nokia, Intel, Google, Portugal Telecom, Pitney Bowes, CMU Cylab, NQ Mobile, Samsung, Yahoo, the Alfred P. Sloan Foundation, and more. Our work has been featured in CNN, New York Times, BBC, CBS News, MIT Tech Review, World Economic Forum, and more.

Our team's work has had a lot of positive impact on science and on practice. Our work on anti-phishing was adopted by industry groups, inspired the design of anti-phishing browser warnings, and was commercialized through Wombat Security, which has helped train millions of people about cybersecurity. Our team's work on PrivacyGrade.org has influenced industry and policy makers with respect to smartphone privacy.

I help run the Pervasive Computing subreddit. I sometimes write for BLOG@CACM. I was also a co-founder of Wombat Security Technologies, which was acquired by Proofpoint in March 2018.

What's New?
Nov 30, 2018
Our team has released the MobiPurpose data set. It contains over 2 million unique intercepted traffic requests from 15k+ smartphone apps, gathered from our array of smartphones.

Nov 3, 2018
I gave a talk at University of Arizona entitled Fostering an Ecosystem for Smartphone Privacy.

Oct 2, 2018
I gave a keynote talk at VL/HCC 2018 entitled Helping Developers with Privacy.

Jul 1, 2018
I am now officially a full professor at Carnegie Mellon University. Sadly, there does not seem to be a secret handshake.

Jun 20, 2018
I helped moderate a panel on Capitol Hill about AI for Good. (Youtube video)

Mar 1, 2018
Wombat Security, which I co-founded in 2008, was acquired by Proofpoint for $225m!

Sep 1, 2017
I wrote a roadmap for privacy research entitled The Privacy Landscape for Pervasive and Ubiquitous Computing.

Sep 1, 2017
PrivacyStreams (PDF | GitHub) makes it easier for Android devs to get the data they want, while also improving privacy. The programming model uses a functional stream processing approach (a bit like Unix pipes), which also makes it easy to analyze the code and output statements like "this app uses microphone for loudness".

May 29, 2017
I was recently honored with Alumni of the Year from my old high school, South Carolina Governor's School for Science and Math. Here is a link to my speech at the commencement.

May 16, 2017
The HCII and the Tepper School of Business are offering a new Master's Degree of Product Management. I'm helping to run the HCII side.

Nov 9, 2016
Gave a talk at Intel iSecCon on Privacy and Security for the Emerging Internet of Things.

Jun 7, 2016
White paper with New America entitled Toward a Safe and Secure Internet of Things.

Feb 20, 2016
Keynote talk at ICISSP 2016 entitled Privacy, Ethics, and Big (Smartphone) Data.

Sep 9, 2015
Presented some of our team's work on using smartphones for healthcare at the World Economic Forum at Dalian.

Aug 13, 2015
Our CCS 2014 paper Increasing Security Sensitivity with Social Proof: A Large-Scale Experimental Confirmation won Honorable Mention at NSA's Best Scientific Cybersecurity Paper Competition.

Jun 30, 2015
Gave a talk at HCIC 2015 on Social Cybersecurity, but the talk was really about the relationship of Theory with Technical HCI. Here is the workshop paper and slides.

Jun 17, 2015
I'm honored to now be a New America National Cybersecurity Fellow.

Apr 5, 2015
White paper for the NITRD National Research Strategy on Privacy, entitled Research Issues for Privacy in a Ubiquitously Connected World.

Dec 26, 2014
PrivacyGrade.org presents our privacy analysis of 1 million Android apps. Our work has appeared on CNN, US News and World Report, New York Times, CNBC, IEEE Spectrum, Forbes, and more.

Sep 17, 2014
My brother and I have created the Frances and Chou-Chu Hong graduate fellowship at the Veterinary and Animal Sciences Department at the University of Massachusetts.

Mar 10, 2014
One hour crash course in UX design (see slides)

Oct 25, 2013
Gave a talk at PopTech 2013 on sensing and privacy. See slides and video here.

Apr 9, 2012
Livehoods.org re-imagines how cities work in the age of social media. Livehoods has been featured in The Atlantic Cities, Wired Insider, MIT Technology Review, Fast Company Co.Design, New York Post, Wall Street Journal, and Haaretz.

Current Research
Google Scholar | CMU CHIMPS Research group website | CV | All publications

Personal Behavioral Data
How can we make better use of all of the wealth of personal behavioral data (smartphones, web usage, social networking) to develop a better computational model of people, places, activities, and things?

Some Older Research
UniAuth: Streamlining Authentication for Ubiquitous Computing
What kinds of protocols, APIs, and user interfaces are needed for our smartphones to manage all of our authentication needs, both for the web and Internet of Things? See our set of papers on authentication for ubicomp here.

Urban Analytics
How can we use location data from smartphones and social media to understand cities? See our papers on urban analytics here.

User-Controllable Security & Privacy for Pervasive Computing
How can we combine machine learning, dialog, and better user interfaces to empower people to manage their privacy? See our papers on ubicomp privacy here.

Why do people fall for phishing scams? Can we train people not to fall for scams? Can we also develop techniques to detect phishing emails? See our large set of papers on anti-phishing here.

Design Tools
How can we help people design interactive systems faster and better? My past work in this area include sketching interfaces, design patterns, and tools for rapid prototyping. See our set of papers on design tools here.

The CHIMPS Research Team
Our research group is CHIMPS (Computer Human Interaction: Mobility Privacy Security). We have an amazingly talented group of PhD students and post-docs:
  • Fanglin Chen, working on intelligent agents for messaging
  • Siyan Zhao, working on smartphones and well-being
  • Haojian Jin, working on AI/Ethics
  • Tianshi Li, working on smartphone privacy
  • Cori Faklaris (with Laura Dabbish), working on social cybersecurity
Some alums of the CHIMPS group:
  • Karen Tang
  • Janne Lindqvist, now an Assoc Prof at Rutgers
  • Polo Chau (with Christos Faloutsos and Niki Kittur), now an assoc prof at Georgia Tech
  • Guang Xiang (with Carolyn Rose), now doing a startup in China
  • Jialiu Lin (with Norman Sadeh), now a privacy engineer at Google
  • Shah Amini, now at Facebook (previously Appthority and Google)
  • Jun Ki Min, now at Motorola
  • Mike Villena, now at Appthority
  • Afsaneh Doryab, now a System Scientist at CMU
  • Song Luan, now at YouTube (previously Uber)
  • Jason Wiese (with John Zimmerman), now an Asst Prof at University of Utah
  • Eiji Hayashi, now at Google ATAP
  • Sauvik Das, now an Asst Prof at Georgia Tech
  • Dan Tasse, now a data scientist at StitchFix
Some of My Writings and Other Stuff I Helped Create
Running Program Committees My Cybersecurity Advice (for general audiences) Research Tools, Software, Data Sets, and Web Sites Instructor Guides and Reading Seminars Advice for PhD students and Grad School Applicants Odds and Ends The Design of Sites
I co-authored a book on web site design, which uses the notion of web design patterns as a way for facilitating the design of customer-centered web sites. Check out the web site for our book The Design of Sites. Our book has been translated into Polish, Chinese, Korean (and possibly other languages as well).
Current Service Some Past Service